II. AMENDMENTS TO THE CLAIMS 

Please amend the claims as follows: 

1 . (Currently Amended) A system including a computer hardware device for addressing 
denial of service attacks directed at a web resource, comprising: 

a system for detecting improper requests; and 

a system for responding to improper requests that i ssu e s an HTTP "OK" 
r e spons e cod e wh e n an i mprop e r r e qu e st i s d e t e ct e d , wherein a request is deemed 
improper if a message body associated with the request has a zero length , and wherein 
the system for responding to improper requests includes a response protocol that 
utilizes a standard error handling procedure for a first improper request from a 
requesting resource, issues an HTTP "OK" response code for N subsequent improper 
requests from the requesting resource, and then stops responding to the requesting 
resource altogether . 

2. (Original) The system of claim 1 , wherein the system for responding stops issuing 
HTTP "OK" response codes and issues no response after a predetermined number of 
improper requests are detected. 

3. (Original) The system of claim 1 , wherein a request is deemed improper if the 
request is received from an unexpected host. 



4. (Canceled) 
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5. (Original) The system of claim 1 , wherein a request is deemed improper if an HTTP 
"post" or an HTTP "get" command is expected and neither an HTTP "post" nor an HTTP 
"get" command is received. 

6. (Original) The system of claim 1 , wherein a request is deemed improper if the 
request includes a HTTP "post" or "get" command with unknown arguments. 

7. (Original) The system of claim 1 , wherein the HTTP "OK" response code comprises 
an HTTP 204 "OK" message code. 

8. (Canceled) 

9. (Original) The system of claim 1 , wherein the web resource comprises a server. 
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1 0. (Currently Amended) A method for addressing denial of service attacks directed at 
a web resource, comprising at least one computing device for processing the steps of: 

receiving messages at the web resource; 

analyzing each message and determining if the message is improper, wherein a 
message is deemed improper if the message is neither an HTTP "post" nor an HTTP 
"get" command when one of these commands is expected, or the message includes a 
HTTP "post" or "get" command with unknown arguments; 

storing the source address of a message if the message is improper; 

responding to a first improper message from an identified source address with an 
HTTP error response; 

responding to a set of N subsequent improper messages from the identified 
source address with HTTP "OK" response codes; and 

stopping responses to the identified source address for all received improper 
messages after the set of N subsequent improper messages have been responded to. 

1 1 . (Original) The method of claim 1 0, wherein a message is deemed improper if the 
message is received from an unexpected host. 

12. (Previously Presented) The method of claim 10, wherein a message is deemed 
improper if a message body associated with the message has a zero length. 

13-14. (Canceled) 
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15. (Original) The method of claim 10, wherein the HTTP "OK" response code 
comprises an HTTP 204 "OK" message code. 

16. (Original) The method of claim 10, wherein the HTTP "OK" response comprises an 
HTTP 200 "OK" message code. 
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17. (Currently Amended) A computer readable medium storing a program product for 
addressing denial of service attacks directed at a web resource, comprising computer 
readable program code for performing the steps of: 

receiving messages at the web resource; 

analyzing each message and determining if the message is improper; 

storing the source address of a message if the message is improper; 

responding to a first improper message from an identified source address with an 
HTTP error response; 

responding to a set f i rst pr e d e t e rmin e d numb e r of N subsequent improper 
messages from the identified source address with HTTP "OK" response codes; and 

stopping responses to the identified source address after the set a second 
prodotorm i nod number of N subsequent improper messages have been responded to 
r*0C0 j v 0 (j 

18. (Canceled) 

19. (Original) The program product of claim 17, wherein a message is deemed 
improper if the message is received from an unexpected host; if the message has a 
zero length; if the message is neither an expected HTTP "post" nor an expected HTTP 
"get" command; or if the message includes a HTTP "post" or "get" command with 
unknown arguments. 
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20. (Original) The program product of claim 17, wherein the HTTP "OK" response codes 
comprise HTTP 204 "OK" response codes. 

21 . (Original) The program product of claim 1 7, wherein messages that are deemed 
proper are passed to the web resource for further processing. 

22. (Original) The program product of claim 17, wherein the web resource is a web 
server. 
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